Job Description

ISSO Specialist

(5) Open Positions all (3) Year Contract Assignments, 40 hours weekly

Role is 100% On site

Education and Certifications:

BS degree is preferred and Security Plus is the minimum 8570 certification requirement.

A TS clearance with SCI eligibility is required. Candidate may be required to pass a CI polygraph.

Description:
Develops and maintains an IS security program and policies for an assigned area of responsibility. Develops and oversees operational IS security implementation policy and guidelines. Monitors alleviable resources that provide warnings of system vulnerabilities or ongoing attacks. Monitors system recovery processes to ensure security features and procedures are properly restored and functioning correctly. Responsible for security assessments, tests, and reviews; ensuring proper measures are taken when an IS incident or vulnerability affecting classified systems or information is discovered. Ensures the application of configuration management policies and procedures for authorizing the use of hardware/software are followed. Ensures systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the SSP. Develops and updates the SSP, manages and controls changes to the system, and assesses the security impact of those changes. Ensures user activity monitoring data is analyzed, stored, and protected in accordance with the ITPSO policies and procedures. Develops and maintains POA&Ms in order to identify IS weaknesses, resources and timelines for corrective actions, and mitigate actions. Ensures all users have the requisite security clearances and authorization and are aware of their security responsibilities.

Candidate must be knowledgeable in computer security principles and policies, to include, Security Technical Implementation Guides (STIGs), National Industrial Security Program Operating Manual (NISPOM), NIST 800-53 / Risk Management Framework (RMF), Joint SAP Implementation Guide (JSIG), Intelligence Community Directive (ICD) 503, and DoD Manual 5205.07 Volumes 1- 4. Candidate must have strong technical skills and be able to respond to off-hours emergencies. Position requires occasional local and overnight travel.

Candidates must have the following requirements:

* Assist and Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).

* Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.

* Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.

* Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.

* Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.

* Recommend resource allocations required to securely operate and maintain an organization's cybersecurity requirements.

* Provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to key stake holders. Recognize a possible security violation and take appropriate action to report the incident, as required.

 Assist the Program Managers and the Information System Security Manager (ISSM) in the development and maintenance of System Security Plans (SSP) and associated artifacts such as the Plan of Action & Milestones (POA&M), Risk Assessment Report, and Continuous Monitoring Strategy.

* Ensure systems are operated, maintained, and disposed of in accordance with organization security policies and procedures.

* Conduct network, system, and application vulnerability scanning, configuration assessment, and remediation.

* Lead and align information technology (IT) security priorities with the security strategy.

* Prepare for and participate in periodic organization compliance assessments. Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online